classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Are IP cameras vulnerable to ­cyber attacks?
September 2017, Cyber Security, CCTV, Surveillance & Remote Monitoring

The Internet of Things (IoT) is currently on the rise and with the expansion of digitisation, the separation between physical security and network security is no longer clear.

Previously, intrusion detection, access control, video surveillance and other physical security technologies operated primarily on analogue infrastructure, while networks, servers, computers, tablet and smartphones operated separately on IP-based infrastructure. The introduction of IP-based infrastructure has changed this and has revolutionised physical security by delivering the benefits of high-capacity, low-latency performance efficiencies and operational cost-effectiveness.

Now, nearly every security camera or sensor technology sold today operates on an Ethernet-based wired or wireless network which means that physical security solutions, like video surveillance systems, are prone to the same types of attacks and exploitations that have inundated data networks for decades. So, how do organisations secure their physical security network to ensure that the very infrastructure that is meant to be protecting business assets isn’t used against them?

It starts with treating the physical security infrastructure and devices in the same manner as network infrastructure and devices. Therefore, protecting everything, right down to switch level.

Analogue vs. IP

Cameras on a modern analogue CCTV system send their video footage in base band format over cabling back to a digital video recorder (DVR) where it is digitised and stored on hard drives. On the other hand, IP cameras broadcast their video as a digital stream over an IP network, and because the video is an IP stream straight from the camera, the DVR is replaced by a network video recorder (NVR) which determines how and where footage is stored.

The analogue system is traditionally more secure given that it is usually physically separated from other network components, but the benefits that can be gained from using an IP-based system mean that the risks thereof need to be properly considered and mitigated.

A single IP device is all it takes

Considering how important a CCTV surveillance system is in protecting everything, from private medical research facilities, to military bases and power generation facilities, the protection of the physical security solution itself has become a concern. Whereas analogue physical security implementations benefited from a certain degree of protection simply by not being connected to other systems, an IP-based CCTV system generally uses the same network infrastructure as the rest of the company.

This means that an attacker no longer needs direct, on-site access to equipment or infrastructure in order to take the system offline, monitor video footage without authorisation, steal or destroy recordings, or modify content. In fact, a single device is all it takes, as an attacker only needs access to one IP-based device (like an IP camera) to potentially gain access to the company’s entire network and digital assets.

Protecting the physical security network

The typical CCTV deployment connects servers and management consoles to IP-enabled cameras and NVRs. Because these systems also need to interact with broader security measures, such as access control systems, alarms and security incident management software – each of these connections is thus a vulnerability.

So how can businesses protect their IP-based CCTV systems from intruders given the ever-expanding nature of the Internet of Things? There are a number of common-sense methods that bear repetition. An IP-based surveillance system needs network protection and it is advisable to use a dedicated network for clients and servers and to separate surveillance from these networks in addition to establishing a secure perimeter with a strong firewall.

There are also specific network access control solutions that have been created to help protect IP devices, like cameras against the threat of viruses and other malicious software, sealing hardware and software devices off from outside attacks and isolating them from the corporate network should they become infected. To tighten up any perimeter weakness, organisations should use port protection to set up switches within their networks and restrict user access to certain parts of the network.

These are available as pre-staged servers that are available as pre-configured 8-port or 24-port switches that make for an easy setup. By placing protection at a port level, it becomes possible to add switches and quickly allow or block devices. These protective appliances usually have display panels that provide information on the network, such as the device IP and MAC addresses, port number the devices are connected to on the switch and authentication status.

In the event of an unauthenticated device, an alarm will be triggered in the video management system, even if the appliance is turned off. These alarms provide information about the detected device and its connected network port, allowing the security operator to take immediate informed action. By placing intelligent security at switch level, it is possible to effectively cover the vulnerabilities presented by the IoT in that it is now possible to protect a company’s network from an unknown device gaining unauthorised access, automatically. If an unknown device attempts to log on to a network, it is blocked from the rest of the network, quarantined and reported, before the intruder has a chance to do any harm.

It’s important for businesses to remember that an IP-camera, just like any IP-device, is no longer just a product or a device – it is a vulnerability and it is time to start treating everything on the physical security network in the same vein.

For more information contact Graphic Image Technologies, +27 (0)11 483 0333, laurence@git.co.za, www.git.co.za


Credit(s)
Supplied By: Graphic Image Technologies
Tel: +27 11 483 0333
Fax: +27 11 483 0330
Email: sales@git.co.za
www: www.git.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • DDoS detection and mitigation platform
    September 2017, Networks Unlimited, Cyber Security, Products
    Arbor Networks further automates DDoS attack mitigation for MSSPs and enterprise customers.
  • Back to the future
    September 2017, Adamastor Consulting, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Residential Estate (Industry)
    The future is not what it used to be. Rob Anderson looks at estate security in 2027.
  • Managing technology risks for effective estate security
    September 2017, Technews Publishing, Residential Estate (Industry), Cyber Security, Integrated Solutions, Conferences & Events
    Hi-Tech Security Solutions and Rob Anderson hosted the Residential Estate Security Conference 2017 in Johannesburg earlier this year.
  • Deepening the value of surveillance
    September 2017, Hikvision South Africa, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Cyber Security
    Deep Learning has swept through the IT industry, bringing benefits and better classifications to a number of applications. Now it’s changing security as well.
  • Bringing comprehensive security to estates
    September 2017, Elvey, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Products
    Elvey cemented its involvement and presence in the residential estate market at this year’s Hi-Tech Security Solutions’ Residential Estate Security Conference.
  • Why moving to IP is the best move
    September 2017, MiRO Distribution, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, IT infrastructure
    Advances in technology offer residential estates and home owners access to the latest in security technology without having to pay a fortune for hardware, installation costs or complex cable runs.
  • Robust and reliable
    September 2017, Forbatt SA, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Products
    In the ever-changing and harsh conditions in which our security professionals operate it is critical to align oneself with body-worn cameras built for its purpose.
  • Advances in video analytics
    September 2017, Avigilon, Bosch Security Systems, Reditron, Cathexis Technologies, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Perimeter Security, Alarms & Intruder Detection, Residential Estate (Industry)
    Analytics technologies are continually advancing to not only alert to potential threats, but also to reduce the occurrence of false alarms.
  • Enhancing estate control rooms
    September 2017, Cathexis Technologies, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring
    Integrated security systems require that all aspects of the security system work seamlessly together, while being managed by the heart of the system, which is the control room.
  • Securing the perimeter at ­Chapman’s Bay Estate
    September 2017, Axis Communications SA, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Perimeter Security, Alarms & Intruder Detection
    Axis Communications’ thermal cameras make life hot for criminals trying to breach the estate’s perimeter, while providing visual verification of on-site personnel.
  • No sense of humour about security
    September 2017, Residential Estate (Industry), CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Perimeter Security, Alarms & Intruder Detection, Security Services & Risk Management
    Louis de Jager has taken on the job of risk manager at Val de Vie to ensure residents live out the estate’s promise of a ‘life worth living.’
  • Multi-layered estate security
    September 2017, Security Services & Risk Management, CCTV, Surveillance & Remote Monitoring, Residential Estate (Industry)
    Intelligence and technology protect Zimbali Coastal Resort & Estate through a comprehensive, multi-layered perimeter-to-home system.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.